Peathah

joined 6 days ago
[–] Peathah@lemmy.world 2 points 23 hours ago (1 children)

Under the GDPR, every organisation must:

Define how long each category of personal data is stored Justify each retention period with a legal or operational basis Ensure data is deleted or anonymised once the purpose ends Document all retention rules in a clear and accessible format Apply retention rules consistently across all data systems Ensure third-party processors comply with the organisation’s retention instructions They can define their own reasonable terms. Sony chooses to delete that stuff.